API tools faq
paste
Advertisement
Guest User

Shell Scripting Made Easy

a guest
Aug 9th, 2012
559
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.40 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env sh
  2. ###################################################################################################
  3. # Checks for vulnerability in AIX RPC first issued May 8th.                                       #
  4. ###################################################################################################
  5.  
  6. #############
  7. # Variables #
  8. #############
  9. # These are all the levels vulnerable to this exploit.
  10. _vulnerable_levels=(  "5.3.12.0" "5.3.12.1" "5.3.12.2" "5.3.12.3" "5.3.12.4" "5.3.12.5" "6.1.5.0" "6.1.5.1" "6.1.5.2" "6.1.5.3" "6.1.5.4" "6.1.5.5" "6.1.5.6" "6.1.5.7" "6.1.6.0" "6.1.6.1" "6.1.6.2" "6.1.6.3" "6.1.6.4" "6.1.6.5" "6.1.6.6" "6.1.6.7" "6.1.6.8" "6.1.6.9" "6.1.6.10" "6.1.6.11" "6.1.6.12" "6.1.6.13" "6.1.6.14" "6.1.6.15" "6.1.6.16"  "6.1.7.0" "6.1.7.1" "7.1.0.0"  "7.1.0.1"  "7.1.0.2"  "7.1.0.3"  "7.1.0.4"  "7.1.0.5"  "7.1.0.6"  "7.1.0.7"  "7.1.0.8"  "7.1.0.9"  "7.1.0.10"  "7.1.0.11"  "7.1.0.12"  "7.1.0.13"  "7.1.0.14"  "7.1.0.15"  "7.1.0.16" "7.1.0.17" "7.1.1.0" "7.1.1.1" )
  11.  
  12. # SSH Options.
  13. _ssh_opts='-q -o BatchMode=yes -o ConnectTimeout=20 -o ConnectionAttempts=1 -o ClearAllForwardings=yes'
  14.  
  15. # Makes text bold.
  16. _b=`tput smso`
  17.  
  18. # Unset text bold.
  19. _nb=`tput sgr0`
  20.  
  21. _date=`date +"%m%d%y_%H%M%S"`
  22.  
  23. _hosts="host1 host2 host3"
  24.  
  25. for _host in ${_hosts}
  26. do
  27.         # Go out to the server and make sure it is AIX. If it's not, skip it.
  28.         _uname=`ssh ${_ssh_opts} ${_host} "uname"`
  29.         if [ "${_uname}" != "AIX" ]; then
  30.                 continue
  31.         fi
  32.  
  33.         # Get the fileset level for bos.net.tcp.client
  34.         _actual_host_level=`ssh ${_ssh_opts} ${_host} "lslpp -L bos.net.tcp.client | grep bos.net.tcp.client | awk '{ print \\$2 }'"`
  35.  
  36.         # Failure counter.
  37.         _fail=0
  38.  
  39.         # Main loop.
  40.         for _vulnerable_level in ${_vulnerable_levels[@]}
  41.         do
  42.                 # If the values from our array match actuals, then say so.
  43.                 if [ "${_actual_host_level}" = "${_vulnerable_level}" ]; then
  44.                         printf "${_host} is vulnerable with bos.net.tcp.client of ${_actual_host_level}.\n"     | tee -a rpc.scan.${_date}
  45.                         _fail=`expr ${_fail} + 1`
  46.                 fi
  47.         done
  48.  
  49.         # If our failure counter hasn't gone off, then declare us not vulnerable.
  50.         if [ ${_fail} -eq 0 ]; then
  51.                 printf "${_host} is not vulnerable.\n" | tee -a rpc.scan.${_date}
  52.         fi
  53. done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!